Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.1
CVSSv2

CVE-2011-0414

Published: 23/02/2011 Updated: 30/10/2018
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
VMScore: 632
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Subscribe to Bind

Vulnerability Summary

ISC BIND 9.7.1 up to and including 9.7.2-P3, when configured as an authoritative server, allows remote malicious users to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 9.7.1

isc bind 9.7.2

Vendor Advisories

Debian CVElist Bug Report Logs: bind9 freezes every now and then
Debian Bug report logs - #601830 bind9 freezes every now and then Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@trackerdebianorg>; Source for bind9 is src:bind9 (PTS, buildd, popcon) Reported by: Benoit Panizzon <debianbug@exp1210spamwoodych> Date: Sat, 30 Oct 2010 07:21:04 UTC Severity: im ...
Ubuntu Security Notice: bind9 vulnerability
It was discovered that Bind incorrectly handled IXFR transfers and dynamic updates while under heavy load when used as an authoritative server A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service ...
Debian Security Advisories: DSA-2208-1 bind9 -- denial of service
It was discovered that BIND, a DNS server, contains a race condition when processing zones updates in an authoritative server, either through dynamic DNS updates or incremental zone transfer (IXFR) Such an update while processing a query could result in deadlock and denial of service (CVE-2011-0414) In addition, this security update addresses a d ...

References

CWE-399http://www.kb.cert.org/vuls/id/559980http://www.isc.org/software/bind/advisories/cve-2011-0414http://www.kb.cert.org/vuls/id/449980https://bugzilla.redhat.com/show_bug.cgi?id=679496http://secunia.com/advisories/43439http://www.vupen.com/english/advisories/2011/0466http://secunia.com/advisories/43443http://www.securitytracker.com/id?1025110http://www.ubuntu.com/usn/USN-1070-1http://www.vupen.com/english/advisories/2011/0489http://www.debian.org/security/2011/dsa-2208http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601830https://usn.ubuntu.com/1070-1/https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/559980
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook